[
https://issues.apache.org/jira/browse/AMQ-7426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17047532#comment-17047532
]
Jean-Baptiste Onofré commented on AMQ-7426:
-------------------------------------------
[~cshannon] ActiveMQ is not affected by CVE-2019-17571 directly as we don't use
the SocketServer. However, I think it makes sense to upgrade, the main impact
is on our jms appender. But not a big effort. However, it could be done in
5.16.1 (it should be transparent).
> Upgrade to log4j2
> -----------------
>
> Key: AMQ-7426
> URL: https://issues.apache.org/jira/browse/AMQ-7426
> Project: ActiveMQ
> Issue Type: Task
> Components: Broker
> Reporter: Jean-Baptiste Onofré
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 5.16.0
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
